Data communications, and other types of communications as well, are conducted over various types of networks that allow one party to transmit, for example, data, voice, and streaming multimedia presentations to one or more other parties during a communication session. A standard telephone network, for example, is a switched network in which a communication circuit between the two (or more) parties is established by a series of links that are connected by switching mechanisms. In this type of network, it is possible to monitor the status of each switch and link in the communication circuit and so know which are involved in the communication session in question. Absent some problem, the circuit is usually maintained for the duration of the session, and the various links and switches involved are released when the session is terminated.
In another type of network, which operates somewhat differently, a packet-switching technology may be used. FIG. 1 is a simplified block diagram illustrating a communication system 10 that includes a packet-switching network 20. Communication system 10 includes a first node 12 and a second node 14. There are usually a great many such nodes, of course, but these two will serve for the purpose of illustration. These nodes may be, for example, personal computers, mobile telephones, or similar devices that may communicate with each other via the packet-switching network 20. Lines 13 and 15 represent the communication channel or channels that are used by the nodes to send and receive information. These channels may be, for example, telephone lines, dedicated cables, or radio channels. The packet-switching network 20 may be the Internet or a similar network. The network is frequently represented as a cloud in illustrations because it is actually composed of a myriad of switches, routers, and other nodes that form the vast network through which packets may be routed.
According to this networking scheme, information is represented in digital form and separated into many small information-bearing units called packets. Each packet bears the address of its destination. Packets are sent through the network of components, toward their final destination, but not every packet will take the same route. They do not necessarily arrive in order, and therefore also bear identification and sequencing information so that the transmitted data may be reassembled in its original form. Lookup tables are distributed so that each responsible node is able to route received packets toward their destination.
The set of rules or standards that governs a packet-switching network is usually referred to as a protocol; the Internet uses one referred to simply as the Internet protocol (IP—or IPv6 to indicate, for example, version 6 of the Internet protocol). The network protocol governs, among other things, how packets are assembled and routed, how errors are corrected, and how the individual network components should communicate with each other.
Some provisions are included for confidential communications, for example through the use of encryption keys. When two (or more) nodes, such as node 12 and node 14 shown in FIG. 1, establish a communication session, they are able to exchange keys in a sequence of messages and generate a shared secret encryption key (KS). Any node that does not possess KS will not be able to decrypt the transmissions between the end nodes 12 and 14. One protocol that governs such a procedure is referred to as IKEv2 (Internet key exchange version 2), although others have been promulgated as well. An ART (address reachability test) is often performed in conjunction with the key exchange so that each end node gains some assurance about the topological location of the other end node.
Although use of a shared secret key provides a good deal of transmission security, it leaves the communication session vulnerable to some false-location attacks (for example the so-called man-in-the-middle attack). FIG. 2 is a simplified block diagram illustrating the problem introduced by such an attack. In this example, end node 24, which is perhaps a server of some kind, receives a notification that a client wishes to establish a communication session. The client purports to be end node 22, which accesses the communication network via access router 23. A key exchange will ensue so that encrypted information may be transmitted back and forth between the two end nodes. What end node (server) 24 has no way of knowing, however, is whether it is actually conducting the key exchange with a node 26 that has interposed itself along the path between end node 24 and access router 23. If node 26 involves itself in the key exchange process, it will be able to intercept and decrypt communications, selectively passing on whatever information it wants to end nodes 22 and 24, which will be unaware that this is occurring. Neither the key exchange itself nor the ART will typically detect this type of attack.
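The following is an added illustration, not part of the original description and not the procedure of IKEv2 or of any particular product: a toy Diffie-Hellman exchange between nodes 12 and 14 shows why an unauthenticated exchange completes without error even when an interposed node 26 sits on the path, and how binding each public value to the sender's identity under a long-term key (here a hypothetical pre-shared key with an HMAC tag, a simplification of what real protocols do with certificates or PSKs) lets the end nodes reject the substituted values. The group parameters and node labels are constructed for the example.

```python
import hashlib
import hmac

# Toy Diffie-Hellman group, constructed for illustration only; these parameters are
# far too small for real use and are not taken from the page.
P, G = 23, 5


def dh_public(priv):
    return pow(G, priv, P)


def derive_ks(priv, peer_pub):
    """Shared secret key KS from one's own private value and the peer's public value."""
    return hashlib.sha256(pow(peer_pub, priv, P).to_bytes(4, "big")).digest()


def unauthenticated_exchange(a_priv, b_priv, m_priv=None):
    """Nodes 12 and 14 exchange bare public values. When a private value for an
    interposed node 26 is given, that node substitutes its own public value in each
    direction: both end nodes complete the exchange without error, yet each actually
    shares KS with node 26 rather than with the other end node."""
    a_pub, b_pub = dh_public(a_priv), dh_public(b_priv)
    if m_priv is None:
        return derive_ks(a_priv, b_pub), derive_ks(b_priv, a_pub), None
    m_pub = dh_public(m_priv)
    ks_a = derive_ks(a_priv, m_pub)  # what node 12 ends up with
    ks_b = derive_ks(b_priv, m_pub)  # what node 14 ends up with
    ks_m = (derive_ks(m_priv, a_pub), derive_ks(m_priv, b_pub))  # node 26's keys
    return ks_a, ks_b, ks_m


def auth_tag(psk, sender, pub):
    """Binds a public value to the sender's identity under a long-term key (hypothetical PSK)."""
    return hmac.new(psk, sender + pub.to_bytes(4, "big"), hashlib.sha256).digest()


def authenticated_exchange(psk, a_priv, b_priv, m_priv=None):
    """Same exchange, but each public value travels with its tag. A substituted value
    no longer matches the tag, so the receiving end node rejects the exchange."""
    a_pub, b_pub = dh_public(a_priv), dh_public(b_priv)
    a_msg = (a_pub, auth_tag(psk, b"node12", a_pub))
    b_msg = (b_pub, auth_tag(psk, b"node14", b_pub))
    if m_priv is not None:
        m_pub = dh_public(m_priv)  # node 26 can swap the value but not recompute the tag
        a_msg, b_msg = (m_pub, a_msg[1]), (m_pub, b_msg[1])
    for (pub, tag), sender in ((a_msg, b"node12"), (b_msg, b"node14")):
        if not hmac.compare_digest(tag, auth_tag(psk, sender, pub)):
            raise ValueError("key exchange rejected: public value is not authentic")
    return derive_ks(a_priv, b_msg[0]), derive_ks(b_priv, a_msg[0])
```

With the tag in place, `authenticated_exchange` raises when node 26 is present, whereas `unauthenticated_exchange` returns normally with node 12 and node 14 each holding a key that node 26 also holds.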